diff options
author | netblue30 <netblue30@protonmail.com> | 2021-02-23 08:40:02 -0500 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2021-02-23 08:40:02 -0500 |
commit | 80868ffa70784fae2642c3d9219e08a17822bc86 (patch) | |
tree | 430b0a9c90e9adad7b18f601e3fc5ba1d92bebe2 /src/man/jailtest.txt | |
parent | hardening ssh, tor (diff) | |
download | firejail-80868ffa70784fae2642c3d9219e08a17822bc86.tar.gz firejail-80868ffa70784fae2642c3d9219e08a17822bc86.tar.zst firejail-80868ffa70784fae2642c3d9219e08a17822bc86.zip |
jailtest
Diffstat (limited to 'src/man/jailtest.txt')
-rw-r--r-- | src/man/jailtest.txt | 58 |
1 files changed, 41 insertions, 17 deletions
diff --git a/src/man/jailtest.txt b/src/man/jailtest.txt index bc1999163..1b64097ea 100644 --- a/src/man/jailtest.txt +++ b/src/man/jailtest.txt | |||
@@ -19,9 +19,12 @@ and tries to run them form inside the sandbox, thus testing if the directory is | |||
19 | \fB3. Read access test | 19 | \fB3. Read access test |
20 | jailtest creates test files in the directories specified by the user and tries to read | 20 | jailtest creates test files in the directories specified by the user and tries to read |
21 | them from inside the sandbox. | 21 | them from inside the sandbox. |
22 | |||
23 | .TP | 22 | .TP |
24 | The program is running as root exclusively under sudo. | 23 | \fB4. AppArmor test |
24 | .TP | ||
25 | \fB5. Seccomp test | ||
26 | .TP | ||
27 | The program is started as root using sudo. | ||
25 | 28 | ||
26 | .SH OPTIONS | 29 | .SH OPTIONS |
27 | .TP | 30 | .TP |
@@ -35,7 +38,7 @@ Print options end exit. | |||
35 | Print program version and exit. | 38 | Print program version and exit. |
36 | .TP | 39 | .TP |
37 | \fB[directory] | 40 | \fB[directory] |
38 | One or more directories in user home to test for read access. | 41 | One or more directories in user home to test for read access. ~/.ssh and ~/.gnupg are tested by default. |
39 | 42 | ||
40 | .SH OUTPUT | 43 | .SH OUTPUT |
41 | For each sandbox detected we print the following line: | 44 | For each sandbox detected we print the following line: |
@@ -46,37 +49,58 @@ It is followed by relevant sandbox information, such as the virtual directories | |||
46 | 49 | ||
47 | .SH EXAMPLE | 50 | .SH EXAMPLE |
48 | 51 | ||
52 | $ sudo jailtest | ||
49 | .br | 53 | .br |
50 | $ sudo jailtest ~/.ssh ~/.gnupg | 54 | 2014:netblue::firejail /usr/bin/gimp |
51 | .br | 55 | .br |
52 | 1429:netblue::/usr/bin/firejail /opt/firefox/firefox | 56 | Virtual dirs: /tmp, /var/tmp, /dev, /usr/share, |
53 | .br | 57 | .br |
54 | Virtual dirs: /home/netblue, /tmp, /var/tmp, /dev, /etc, | 58 | Warning: I can run programs in /home/netblue |
59 | .br | ||
60 | |||
55 | .br | 61 | .br |
56 | 5602:netblue::/usr/bin/firejail /usr/bin/ssh netblue@x.y.z.net | 62 | 2055:netblue::firejail /usr/bin/ssh -X netblue@x.y.z.net |
57 | .br | 63 | .br |
58 | Virtual dirs: /var/tmp, /dev, | 64 | Virtual dirs: /var/tmp, /dev, /usr/share, /run/user/1000, |
59 | .br | 65 | .br |
60 | Warning: I can read ~/.ssh | 66 | Warning: I can read ~/.ssh |
61 | .br | 67 | .br |
62 | 5926:netblue::/usr/bin/firejail /usr/bin/gimp-2.10 | 68 | |
69 | .br | ||
70 | 2186:netblue:libreoffice:firejail --appimage /opt/LibreOffice-fresh.appimage | ||
63 | .br | 71 | .br |
64 | Virtual dirs: /tmp, /var/tmp, /dev, | 72 | Virtual dirs: /tmp, /var/tmp, /dev, |
65 | .br | 73 | .br |
66 | Warning: I can run programs in /home/netblue | 74 | |
67 | .br | 75 | .br |
68 | 6394:netblue:libreoffice:/usr/bin/firejail libreoffice | 76 | 26090:netblue::/usr/bin/firejail /opt/firefox/firefox |
69 | .br | 77 | .br |
70 | Virtual dirs: /tmp, /var/tmp, /dev, | 78 | Virtual dirs: /home/netblue, /tmp, /var/tmp, /dev, /etc, /usr/share, |
71 | .br | 79 | .br |
80 | /run/user/1000, | ||
81 | .br | ||
82 | |||
83 | .br | ||
84 | 26160:netblue:tor:firejail --private=~/tor-browser_en-US ./start-tor | ||
85 | .br | ||
86 | Warning: AppArmor not enabled | ||
87 | .br | ||
88 | Virtual dirs: /home/netblue, /tmp, /var/tmp, /dev, /etc, /bin, | ||
89 | .br | ||
90 | /usr/share, /run/user/1000, | ||
91 | .br | ||
92 | Warning: I can run programs in /home/netblue | ||
93 | .br | ||
94 | |||
72 | 95 | ||
73 | .SH LICENSE | 96 | .SH LICENSE |
74 | This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. | 97 | This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
75 | .PP | 98 | .PP |
76 | Homepage: https://firejail.wordpress.com | 99 | Homepage: https://firejail.wordpress.com |
77 | .SH SEE ALSO | 100 | .SH SEE ALSO |
78 | \&\flfirejail\fR\|(1), | 101 | .BR firejail (1), |
79 | \&\flfirecfg\fR\|(1), | 102 | .BR firemon (1), |
80 | \&\flfirejail-profile\fR\|(5), | 103 | .BR firecfg (1), |
81 | \&\flfirejail-login\fR\|(5) | 104 | .BR firejail-profile (5), |
82 | \&\flfirejail-users\fR\|(5) | 105 | .BR firejail-login (5), |
106 | .BR firejail-users (5), | ||